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INTERTRUST TECHNOLOGIES 
CORPORATION, a Delaware corporation. 

Plaintiff, 



V. 



MICROSOFT CORPORATION, a 
Washington corporation. 



Case No. C 01-1640 SBA (MEJ) 

Consolidated with C 02-0647 SBA 

INTERTRUST'S PATENT LOCAL RULE 
4-2 PRELIMINARY CLAIM 
CONSTRUCTIONS AND 
IDENTIFICATION OF EVIDENCE 



Defendant. 



AND COUNTER ACTION. 



I. PatL.R. 4-2(a) Preliminary Claim Constructions 

The following constitute hiteiTnist's proposed definitions for claim terms identified in 
the parties' Rule 4-1 disclosures. LoterTrust reserves the right to modify these definitions in b'ght 
of definitions, evidence or arguments prc^oiuided by Microsoft. 

Capitalized terms occurring in definitions represent separately-defined terms and should 
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1 be given the same meaning as in the separate dejSnition. 

2 The desijgnation of a definition as '*nonnal English" means that InterTrust believes the 

3 defined term should have its normal EngUsh meaning, with no definition being necessary. 

4 Submission of a definition in such cases does not constitute a waiver of InterTmst*s right to 

5 contend that no such defim'tion is necessary. 

6 j These terms are defined for the claims specified in the definition. InterTrust reserves the 

7 1 light to assert that these terms should be interpreted differently in contexts other than those 

8 I specified. 

9 Reference citations are to "extrinsic evidence'* h'sted in Section n of this document 

10 j Unless otherwise noted, the references constitute dictionaries and the citations are to definitions 

11 j of the designated temis in such dictionaries. 

12 I A» Individual Claim Terms. 

13 Access. (193.15, 193.19, 912.8, 912.35, 861,58, 683.2, 721.34)* 

14 To obtain something so it can be used. 

15 References: 1,2,6. 

16 Addressing (861.58) 

17 Referring to a location where information is stored. 

18 Reference: 3. 

19 Allowing, allows (912.35, 193.1, 193.11, 193.15, 193.19) 

20 11 Normal English: permitting, permits; letting happen, lets happen. 

21 I Reference: 4. 

22 I Applying in combination (683.2) 

23 Using more than one Rule to Govern a Secure Container Governed Item. 

24 Arrangement (721.34) 

25 Normal English: a collection of things that have been arranged. In context, the 
I term can apply to an organization of hardware and/or software and/or data. 

26 II 

Reference: 4. 
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' Patent and Claim numbers are denoted herein in the format ''xxx.y/', where "xxx" is the last 
I three digits of the patent nmnber and "YY" is the claim nxunber. 
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Aspect (900.155, 912.8, 861.58, 683.2) 

Feature, element, property or state. 
Associated With (912.8, 193.1, 193.1 1, 193.15, 683.2) 

Having a relationship with. 
AathenticatioD (193.15) 

In context. Identifying (e.g., a person, device, organization, document, file, etc.). 
Includes uniquely identifying or identifying as a member of a group. 

Authorization Information/Aiithonze/Not Anthorize (193.15, 193.19) 

Authorize: . 

Normal Engli^: permit 

References: 4. 

Authorization Information: 

In context: Information (e.g., a key) received if an action is Authorized. 
See Specific Information for the definition of Infoimation. 

Budget (193.1) 

Information specifying a limitation on usage. See Specific Infoimation for the 
definition of Information. 

Reference: 4. 

Budget control (193.1) 

The term is explicitly defined in the claim as a Control "including a budget 
specifying ihe number of copies which can be made of said digital file." 

Can be (193.1) 

Normal English: the specified act is able or authorized to be carried out In 
context, this means the number of copies allowed to be made. 

Reference: 4, 
Capacity (683.2) 

Normal English; "ability," or "capability." 

Reference: 4. _ _ 

Clearinghouse (193.19) 

A provider of financial and/or administrative services for a number of users; or an 
entity responsible for the collection, maintenance, and/or distribution of materials, 
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infonnatioa, licenses, etc. 
Compares/Comparison (900.155) 
Nonnal English: 

Compares: examines for the purpose of noting similarities and diffCTences. 

I- 

Reference: 4. 

Comparison: the act of comparing. 

Reference: 4. 

. Component Assembly (91 2.8, 91 2.35) 

Components are code and/or data elem&its that are independently deliverable. A 
Component Assembly is two or more components associated together. 
Component Assemblies are executed to perfonn operating system or applications 
tasks. 

Contained/Contain/Containing (683.2, 912.8, 912.35) 

Normal English: to have within or to hold In the context of an element 
contained within a data structure (e.g., a secure container), the contained element 
may be either directly within the container or the container may hold a reference 
indicating .wiiere the element may be found. 

Reference: 4. 

Control (n) (193.1, 193.11, 193.15, 193.19, 891.1) 

Information and/or programming Governing operations on or use of Resources 
(e.g., content) including (a) permitted, required or prevented operations, (b) the 
nature or extent of such operations or (c) the consequences of such operations. 

Control (v)/Controlling (861.58, 193.1) 

Nonnal English: to exercise authoritative or dominating influence over; direct. 

Reference: 4. 
jCopied file (153 JJ)_ 

A Digital File that has been Copied. 

Copy, copied, copying (193.1, 193.11, 193.15, 193.19) 

Reproduce, rq?roduced, reproducing. The reproduction may incorporate all of the | 
original item, or only some of it, and may involve some changes to the item as 
long as the essential nature of the content remains imchanged. 

References: 1,4,6. 
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1 Copy control (193.1) 

2 A Control used to detennine whether a Digital File may be Copied and the Copied 
Digital File stored on a second device. 
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Creating/Creation (861.58) 

Normal English: Creating means producing Creation means the act of creating. 

Reference: 4. 
Data item (891.1) 

A unit of digital information. 

References: 2,3. 
Derive/Derives (900.155) 



Nonnal English: obtain, receive or arrive at through a process of reasoning or 
1 1 deduction. In the context of computer operations, the "process of reasoning or 

deduction'^ constitutes operations carried out by the computer. 



Reference: 4. 
Descriptive Data Structure (861.58) 



12 
13 

14 .. 

Machine-readable description of the layout and/or contents of a rights 

1 5 management data structure (e.g., a Secure Container). 

16 Designating (721.1) 

1 7 Normal English: indicating, specifying, pointing out or characterizing. 

18 Reference: 4. 

19 Device Qass (721.1) 

20 A groiq) of devices which share at least one attribute. 

21 DigitalFlle(193.1, 193.11, 193.15, 193.19) 

22 A named collection of digital information. 

23 Reference: 3 (definition of "file"). 

24 Digitally signing/digital signature (721.1) 

25 Digital signature: A digital value, verifiable with a Key, that can be used to 
detennine the source and/or integrity of a signed item (e.g., a file, program, etc.). 

26 

Digitally signing is the process of creating a digital signature. 

27 
28 
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Entity/Entity's control (891.1) 

Entity: A person or organization. 

Entity*s Control: Control belonging to .or coming from an Entity. 
Environment (912.35, 900.155, 89hl, 683.2, 721.34) 

t 

Capabilities available to a program running on a computer or other device or to 
the user of a computer or other device. Dq)ending on the context, the 
environment may be in a single device (e.g., a personal computer) or may be 
spread among multiple devices (e.g., a network). 

References: 6. 

Executable Programming/Executable (91 2.8, 912.35, 721.34) 

A computer program that can be run, directly or through interpretation. 
Reference: 3. 

Execution space (912.8) 

Resource which can be used for execution of a program or process. 

Execution space identifier (912.8) 

Information Identifying an Execution Space. See Specific Infonnation for 
definition of Information. 

Generates/Generating (900.155, 861.58) 

Normal English: creates/creating or produces/producing. 

Reference: 4. 

Govern/Govemed/Govemed Item (891.1, 683.2) 

To Govern: to control an item or operation in accordance with criteria established j 
by the holder of one or more rights relating to the item or operation or a party 
authorized to establish such criteria. 

Governed Item: an item that is Governed, 

Reference: 4. 

ISalting (900.155) 

Norma] English: suspending. 

R^ference.^^*^ ^ 
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Host Processing Environment (900. 1 55) 

This tenn is explicitly defined in the claim and therefore needs no additional 
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definition. It consists of those elements listed in the claim. 

Without waiving its position that no separate definition is required, if required to 
propose such a definition, InterTrust proposes the following: a Protected 
Processing Environment incorporating software-based Security. 

Identifier (193.15, 912.8) 

hiformation used to Identify something or someone (e.g., a password). 

Identify/identiiying (193.11, 912.8, 912.35, 861.58) 

Normal English: To establish/establishing the identity of or to 
ascertain/ascertaining the origin, nature, or definitive characteristics of 

Reference: 4. 

Including (912.8, 912.35, 900.155, 861.58, 193.1, 193.1 1, 193.15, 193.19, 891.1, 683.2) 

Normal English: -depending on the context, this means contaimng as a secondary 
or subordinate element, or considering with or placing into a group, class, or total. 

Reference: 4. 

Information previously stored (900. 1 55) 

Normal English: Information stored at an earlier time. See Specific Information 
for the definition of Information. 

Integrity programming (900.155) 

This term is fiilly defined in the claim, which specifies the steps the integrity 
programming must perform. Integrity programming is programming that 
performs the recited steps. The tenn therefore needs no additional definition. 

Without waiving its position that no separate definition is required, if required to 
propose such a definition, InterTrust proposes the following: programming that I 
checks the integrity of a Host Processing Environment I 

Key (193.19) 

Information used to encrypt, decrypt, sign or verify other information. I 
Load Module (9^^^^^^ 

An Executable xmit of code designed to be loaded into memory and executed, plus 
associated data. 

References: 3. J 

Machine Check Programming (900. 1 55) 

Programming that checks a host processing environment and derives bformation 
from an Aspect of the host processing environment. [ 
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Metadata Information (861.58) 

Information about information. Metadata Infonnation may describe the attributes 
o'f a rights management data structure as weU as processes used to create and/or 

use it. ' 

Opening secure contaiDers (683.2) 

Providing Access to the contents of a Secure Container (e.g., by decrypting the 
contents, if the contCTts are encrypted). 

Operating environment (891.1) 

Environment in which programs fimction. 

References: 6. 

Organize, organization, organization infonnation (861.58) 

In the context of organization of a Secure ContainCT, these terms refer to contents 
required or desired (including Information used to categorize these contents); or 
Infonnation used to specify a particular location for content. See Specific 
Infonnation for the definition of Infonnation. 

Portion (193.1, 193.11, 193.15, 193.19, 912.8, 912.35, 861.58) 

Normal English: a part of a whole. Tliepresenceof a "portion" does not exclude 
the presence of the whole (e.g., storage of an entire file necessarily includes 
storage of any portions into which that file may be subdivided). 

Reference: 4. 

Prevents (721.34) 

Normal English: keeps fi*om happening. 

Reference: 4. 

Processing Environment (912.35, 900.155, 721.34, 683.2) 
Processing: manipulating data. 
RefCTence: 3. . 

Processing Environment: An Environment used for Processing. A Processing 
Environment may be made up of one device or of more than one device linked 
together^ 

Protected Processing Environment (683.2, 721.34) 

—Processing Environment in which processing and/or data is at least in part 
protected from Tampering. The level of protection can vary, depending on the 
threat. 
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Protecting (683.2) 

Nonnal English: keeping 6om being damaged, attacked, stolen or injured. 

Reference: 4. 
Record (912.8, 912.35) 

Collection of related items of data treated as a tmit 

Refer^ces: 1. 

Rendering (193.11, 193.15, 193,19) 

Playing content through an audio output (e.g., speakers) or displaying content on 
a video ou^ut (e.g., a screen). 

I 

Required (912.8, 86L58) 

Nonna] English: a thing that is required is a thing that is obligatory or demanded. 

Reference: 4. 

Resource processed (891.1) 

Resource: computer software, computer hardware, data, data structure or 
information. 

Resource processed: a Resource subject to being Processed, i.e., computer 
software, data, data structure or information. See Processing Environment for a 
definition of Processed. 

Rule (861.58, 683.2) 

See Control. 

Secure (193.1, 193.11, 193.15,912.35,861.58,891.1,683.2,721.34) 

One or more mechanisms are employed to prevent, detect or discourage misuse of | 
or interference with information or processes. Such mechanisms may include 
concealment. Tamper Resistance, Authentication and access control. 
Conceabnent means that it is difficult to read information (for example, programs 
may be encrypted). Tamper Resistance and Authentication are separately defined. 
Access control means that Access to information or processes is Imited on the 
basis of authorization. Security is not absolute, but is designed to be sufficient for i 
a particular purpose. 

Reference: 6. 

Secure Container (912.35, 861.58, 683,2) 



Container: Digital File Containing linked and/or embedded items. 
Reference: 3, 5. 
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Secure Container: A Container that is Secure. 

Secnre container governed item (683.2) 

Information and/or programming Contained in a Seciire Container and Governed 
by an associated Secure Container Rule. 

, Secure containerrule (683.2) 

Rule that at least in part Governs a Secure Container Governed Item. 
Secure Database (193.1, 193.1 1, 193.15) 

Database: an organized collection of information. 

Refo-ences: 2. 

Database that is Secure. 
Secure Execution Space (72 1 .34) 

Execution Space that is Secure. ' 

Secure Memory/Memory (193.1, 193.II, 193.15) 

Memory: a component of a computer or other device where mfoimation can be 
stored and reeved. 

References: 3, 4. 

Secure Memory: Memory in which Information is handled in a Secure manner. 
See Specific Information ibr the definition of Infonnation. 

Secure Operating Environment (891.1) 

An Operating Environment that is Secure. 

Securely Applying (891 . 1) 

Requiring that one or more Controls be conq)lied with before content may be 
used. The operation of requiring that the Control(s) be complied with must be 
carried out in a Secure manner. 

Securely Assembling (912.8, 912.35) 

Associating two or more Components together to form a Component Assembly, 
in a Secure manna-. See Component Assembly for the definition of Component 

Securely Processing (891.1) 

— ftoeessing-oecmring-in a-Secuie-mannerr^ee-PrDcessing Environment for the 
definition of Processing. 
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Securely Receiving (891.1) 

Receiving has its nonnal English meaning: acquiring or getting. 
Reference: 4. 

Securely Receiving means receipt occurring in a Secure manner. 
Security (721.1, 721.34) 

Relating to being Secure. 

Security Level/Level of Security (721.1 ; 721 .34, 912.8) 

Information that can be used to detennine how Secure something is (e.g., a 
device, Tampea- Resistant Barrier or Execution Space). , 

Specified information/specific iDformation (912.35, 861.58) 

Nonnal English meaning: 

Specific: explicitly set forth or definite. 

Reference: 4. 

To ^edfy: to state explicitly or in detail. 
Referrace: 4. 

Information: nonaccidental signal(s) or charactap(s) used in a computer or 
communication system. Information includes programs and also includes data. 

Refoence: 4. 

Tamper/Tampering (683.2, 721 .1, 721 .34, 900. 1 55) 

To Use (including observe), alter or interfere with in an unauthorized manner. 

Reference: 8. 

Tamper Resistant/Tamper Resistance (721.1, 721.34, 900.155) 

- Maldng^-Tampering more-diffieultrand/or allowing-detection of Tampering. 
Tamper Resistant Barrier (721.34) 

Hardware or software that provides Tanq^er Resistance. 
Tamper Resistant Software (900.155) 

Software designed to make it more difficult to Tamper with the software. 

References: 7, 8. 
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Use(912.8, 91235, 861.58, 193.19,891.1,683.2,721.1) 

Nonnal English; to put into service or apply for a purpose, to employ, 
keference: 4. 

User controb (683.2) 

I Hardware feature of an apparatus allowing a user to operate the apparatus (e.g., a 

keyboard). 

Validity (912.8) 

A property of something (e.g., a Record) indicating that it is appropriate for use. 

Virtual Distribution Environment (900.155) 

This term is contained in the preamble'of the claim and should not be defined, 
other than as requiring the individual claim elements. 

Without waiving its position that no separate definition is required, if required to 
propose such a definition, InterTrust proposes the foDowing: secure, distributed 
electronic transaction management and rights protection system for contrblling 
the distribution and/or other usage of electronically provided and/or stored 
information. 

Claim Phrases and Clanses 

193J 

Receiving a digital file including music (193.1) 

See Receiving a digital file ( 1 93 . 1 1). This phrase is interpreted the same, except 
that the file includes music. 

Budget specifying the number of copies which can be made of said digital file (193 A) 

Nonnal English, incorporating the separately defined terms: a Budget stating the 
. number of Copies that Can Be made of the Digital File referred to earlier in the 
claim. 

Controlling the copies made of said digital file (193.1) 

The nature of this operation is fiulher defined in later claim elements. Li context, 
the Copy Control determines the conditions under which a Digital FDe may be 
Copied and the Copied File stored on a second device. 

Determining whether said digital file may be copied and stored on a second device 
based on at least said copy control (193.1) 

Normal EngUsh, incorporating the separately defined terms: Using the Copy 

GontroKn^eciding whetherthe Digital' File refenred- to earlier in the claim may be 

Copied and the Copied Digital File stored on a second device. 
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If said copy control allows at least a portioii of said digital file to be copied and 
I stored on a second device (193.1) 

Nonnal English: a "yes" result is received in the step Detennining whether said 
digital file may be copied and stored on a second device based on at least said 
copy control (193.1). 

Copying at least a portion of said digital file (193.1, 193.11, 193.15, 193.19) 

Normal English, incorporating the separately defined tenns: Copying at least a 
^ Portion of tihe Digital File referred to earlier in the claim. 

Transferring at least a portion .of said digital file to a second device (193.1, 193.1 1, 
193.15.193.19) 

Normal English, incorporating the sq)arately defined terms: at least a Portion of 
the Copied Digital File is sent to a second device. 

Storing said digital file (193.1, 193.11, 193.15) 

Nonnal English; that which was transferred in the transferring step is stored. 

193.11 

ReceiviDg a digital file (193.1, 193.1 1, 193.15, 193.19) 

Nonnal English, incorporating the separately defined term: a Digital File is 
obtained. 

This phrase has been designated by Microsoft for interpretation under § 1 12(6). 
InterTrust objects to such designation. Without waiver of such objection, as is 
required by the Local Rules, InterTrust hereby identifies acts corresponding to 
this tenn: 

Claim elements specifying the act of receiving a file, or the act of establishing 
communications, map onto a large number of structures and acts disclosed in the 
specification, many of which constitute alternate embodiments. These include 
obtaining a file or communicating through telecommunications links, satellite 
transmissions, physical exchange of media, network transmissions, etc. 

Determining whether said digital file may be copied and stored on a second device 
based on said fiyrst control (1 93. 1 1 ) 



Nonnal English, incorporating the separately defined terms: Using the Control to 
decide whether the Digital File may be Copied and the Copied Digital File stored 
on the second device. 

Identifying said second device (193.1 1) 

Normal English, incorporating the separately defined tenn: the second device is 
—Identified, - 
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Whether said first control allows transfer of said copied file to said second device 
(193.11) 

htonnal English, incoiporating the separately defined terms: Using the first 
Control to decide if the Copied Digital File may be sent to the second device. 

Said determination based at least in part on the features present at the device 
(193.11) . 

Normal English: the decision referred to earlier in the claim is based at least in 
part on characteristics of the second device. 

If said first control allows at least a portion of said digital file to be copied and 
stored on a second device (193.1 1) 

See If said copy control allows at least a portion of said digital file to be.copied 
and stored on a second device (193.1). TTie definitions are the same. 

Copying at least a portion of said digital file (193.1, 193.11, 193.15^ 193.19) 

See Copying at least a portion of said digital file ( 1 93. 1 ). The definitions are the 
same. 

Transferring at least a portion of said digital file to a second device (193.1 . 193 1 1 
93.15,193.19) ' 

Sec Transfeiting at least aportion of said digital file to a second device (193.1). 
The definitions are the same. 

Storing said digital file (193.1, 193.11, 193.15) 

See Storing said digital file (193.1). The definitions are the same. 

193.15 

Receiving a digital file (193.1, 193.11, 193.15, 193.19 

. SeeReceiving a digital fiJe (193.11). The definitions are the same. 

An authentication step comprising (193.15) 

Normal English, incorporating the separately defined term: a step involving 
- Authentication - - - . 

Accessing at least one identifier associated with a first device or with a user of said 
first device (193.15) 

Nonnal English, incorporating the separately defined terms: Accessing an 
Identifia- Associated With a device or a user of the device. 



Determining^^rwhetfaer^aid^ideDtifier is-associatedviith a de^^^ and/or user 
authorized to store said digital file (193.15) 

Norma] English, incorporating the separately defined terms: deciding whether the 
Identifier is Associated With a device or user with authority to store the Digital 
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File. 

Storing said digital file in a Hrst secure memory of said first device, but only if said 
I device and/or user is so authorized, but not proceeding with said storing if said device 
I and/or user is not authorized (193.15) 

Normal English, incorporating the separately defined terms: this step proceeds or 
does not proceed based on the preceding determining step. If this step proceeds, 
the Digital File is stored in a Secure Memory of the first device. 

Storing information associated with said digital iile in a secure database stored on 
I said first device, said information including at least one control (193.15) 

Normal English, incorporating the separately defined terms: storing a Control 
Associated With the Eftgital File in a Secure Database stored at the first device. 

Determining whether said digital file may be copied and stored on a second device 
I based on said at least one control (193.15) 

See Determining whether said digital file may be copied and stored on a second 
device based on at least said copy control (193. 1). The definitions are the same. 

If said at least one control allows at least a portion of said digital file to be copied 
and stored on a second device (193.15) 

See If said first control allows at least a portion of said digital file to be copied 
and stored-on a second-device (193.1 1). The definitions are the same. 

Copying at least a portion of said digital file (193.1, 193.11, 193.15, 193.19) 

See Copying at least a portion of said digital file (193.1). The definitions are the 
same. 

Transferring at least a portion of said digital file to a second device (193.1, 193.1 L 
193.15, 193.19) 

See Transferring at least a portion of said digital file to a second device (193.1) 
The definitions are the same. 

Storing said digital file (193.1, 193.11, 193.15) 

See Storing said digital file (193.1) The definitions are the same. 

193.19 

Receiving a digital file at a first device (193.19) 

— _ 1- See Receiving a digital file (193.1 1). The definitions are the same. 

Establishing communication between said first device and a clearinghouse located at | 
a location remote from said first device (193.19) 

Normal English, incorporating the separately defined term: sending information 
from the first device to the Clearinghouse and/or the first device receiving 
infomiation fi'om the Clearinghouse. 
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This phrase has been designated by Microsoft for interpretation under § 1 12(6). 
InterTrust objects to such designation. Without waiver of such objection, as is 
required by the Local Rules, JnterTrust hereby identifies acts correspondmg to 
this term: 

Claim elements specifying the act of receiving a file, or the act of establishing 
I communications, map onto a large number of stractures and acts disclosed in the 
specification, many of which constitute alternate embodiments. These include 
obtaining a file or communicating througji telecommunications links, satellite 
transmissions, physical exchange of media, network transmissions, etc. 

Using said autborization iDformation to gain access to or make at least one use of 
I said first digital file (193.19) 

Normal English, incorporating the separately defined temis: the Authorization 
Information is used in a process of Accessing or Using the Digital File. 

Including using said key to decrypt at least a portion of said first digital file (193.19) 

• Normal English, incorporating the separately defined terms: this step fiuther 
describes the "using said authorization information" step, and requires thit the 
earlier step include using the Key in a process of decrypting of at least a Portion 
ofthe Digital File. 

Receiving a first control from said clearinghouse at said first device (193.19) 

Normal English, incorporating the separately defined terms: the Sist device 
acqmres or gets a Control fi^m the Qearinj^ouse. 

This phrase has been designated by Microsoft for interpretation under § 1 12(6). 
InterTrust objects to such designation. Without waiver of such objection, as is 
required by the Local Rules, InterTrust hereby identifies acts corresponding to 
this term: 



Claim elemehts specifying the act of receiving a file, or the act of estabhshing 
communications, map onto a large number of structures and acts disclosed in the 
specification, many of which constitute alternate embodiments. These include 
obtaining a file or communicating throu^ telecommimications links, satellite 
transmissions, physical exchange of media, network transmissions, etc. 

Storing said first digital file in a memory of said first device (193.19) 

Normal English, incoiporating the separately defined terms: the Digital File is 
stored at the first device. 



Using said first control to determine whether said first digital file may be copied and 
stored on a second device (193.19) 

See Detemiining whether said digital file may be copied and stored on a second 
TCe-based-on=aHeastOTid-copy-controif 1937i^r'fee"^^ are the same. 



16 



INTERTRUST'S PATENT LOCAL RULE 4-2 PRELIMINARY CLAIM CONSTRUCTIONS AND 

IDENTIFICATION OF EVIDENCE 
CASE NO. C 01-1640 SBA (MEJ), CONSOUDATED WITH C 02^647 SBA 



1 

2 
3 
4 
5 
6 
7 
8 
9 
10 
11 
12 
13 
14 
15 
16 
17 
18 
19 
20 
21 
22 
23 
24 
25 
-26- 



27 
28 



If said first control allows at least a portion of said first digital file to be copied and 
stored on a second device (193.19) 

See If said first control allows at least a portion of said digital file to be copied 
and stored on a second device (193.1 1). The dejSnitions are the same. 

Copying at least a portion of said first digital file (193.1, 193.1 1, 193.15, 193.19) 

See Copying at least a portion of said digital file (193.1). The definitions are the 
same. 

Transferring at least a portion of said first digital file to a second device including a 
memory and an audio and/or video output (193.19) 

See Transferring at least a portion of said digital file to a second device (193.1). 
The definitions are the same, except that the second device has an audio or video 
ou^ut or both (e.g., a weaker, a screen, etc.). 

Storing said first digital file portion (193.19) 

Nonnal English, incorporating the separately defined terms: the Digital File 
Portion is stored. 

721.1 

Digitally signing a first load module with a first digital signature designating the 
first load module for use by a first device class (721 .1) 

Nomial English, incorporating the separately defined terms: generating a Digital 
Signature for the first Load Module, the Digital Signature Designating that the 
first Load Module is for use by a firet Device Class. 

Digitally signing a second load module with a second digital signature different from 
the first digital signature, the second digital signature designating the second load module 
for use by a second device class having at least one of tamper resistance ^d security level 
different from the at least one of tamper resistance and security level of the first device 
class (721.1) 

Normal English, incorporating the separately defined terms: generating a Digital 
Signature for the second Load Module, the Digital Signature Designating that the 
second Load Module is for use by a second Device Class. This element fiulher 
requires that the second Device Class have a different Tamper Resistance or 
Security Level than the first Device Class. 

Distributing the first load module for use by at least one device in the first device 
class (721.1) 

Normal English, incorporating the separately defined terms: distributing the first 
Load Module so that it can be used by a device in the first Device Class. 
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''-^'''^^^istributing'thesecoiid^load'Tno for use by at least one device in the second 
device class (721.1) 

Normal English, incorporating the separately denned terms: distributing the 
second Load Module so that it can be used by a device in the second Device 
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72134 , 

I 

ArraDgement within the first tamper resistant barrier (721.34) 

Normal English, incorporating the separately defined terms: an Arrangement 
• I protected by the first Tamper Resistant Barrier, the Arrangement operating as 
described in the claim. 

Prevents the first secure execution space from executing the saipe executable 
accessed by a second secure execution space having a second tamper resistant barrier with 
a second security level difTerent from the first security level (72L34) 

Normal English, incorporating the separately defined terms: stops the first Secuie 
Execution Space from executing (e.g. nmning a program) an Executable accessed 
by a second Secure Execution space. The first and second Secure Execution 
Spaces have Tamper Resistant Barriers that have different Security Levels. 

683.2 

First secure container having been received from a second apparatus (683.2) 

Normal English, incorporating the separately defined Xcrm: the Secxffe Container 
was acquir«J fiom a second apparatus. The second q)paratus is different from the 
first ^Tparatus. 

Aspect of access to or use of (683 J2, 861 .58) 

Normal English, incorporating the separately defined terms: Aspect and Access 
to or Use of. Those terms fully define the phrase, so that no other definition is 
possible. 

First secure container rule having been received from a third apparatus different 
from said second apparatus (683.2) 

Normal English, incorporating the separately defined terms: this term requires 
. that the first Seciu^ Container Rule was acquired from a third apparatus. The 
third apparatus is differ^t from the second apparatus or the first apparatus. 

Hardware or software used for receiving and opening secure containers (683.2) 

Normal English, incorporating the separately defined terms: computer hardware 
or programming that acquires Secure Containers and Opens the Seciu^e Containers 
(see Opening Secure Containers). 

This phrase has been designated by Microsofl for interpretation under § 11 2(6). 

- —-InterTrust objects to such designation. Without waiver of such objection, as is 

required by the Local Rules, InterTrust hereby identifies structures corresponding 
to this term: 



Structures corresponding to this element include Processor(s) 4126 and/or 
software running on Processors 4126 (including Protected Processing 
Environment 650) and Communications Device 666. 
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Said secure containers each including the capacity to contain a governed item, a 
secure container rule being associated with each of said secure containers (683.2) 

Normal English, incoiporating the separately defined terms: the Secure 
Containers previously referred to are each able to contain a Governed Item, and 
each Secure Container has an associated Secure Container Rule. 

Protected processing environment at least in part protecting information contained 
I in said protected processing environment from tampering by a user of said first apparatus 

1(683.2) 

Normal English, incorporating the separately defined terms: a Protected 
Processing Enviroimient contains Information. The Protected Processing 
Environment protects the contained Information from Tanq>ering by a user. The 
protection may be partial rather than complete. See Specific Information for the 
definition of ^formation. 

Hardware or software used for applying said first secure container rule and a 
second secure container rule in combination to at least in part govern at least one aspect of 
access to or use of a governed item contained in a secure container 
(683.2) 

Nonnal English, incorporating the separately defined terms: computer hardware 
or programming that uses the first Secure Container Rule and a second Secure 
Container Rule. These rules are Applied in Combination to Govern a Governed 
Item contained in a Seciure Container. 



This phrase has been designated by Microsoft for interpretation under § 1 12(6). 
InterTrust objects to such designation. Without waiver of such objection, as is 
required by the Local Rules, InterTrust hereby identifies structures corresponding 
to this term: 

Structures corresponding to this element include Processor(s) 4126 and/or software 
running on Processors 41 26 (including Protected Processing Environment 650). 

~ "Hardware or software used for transmission of secure containers to other 
I apparatuses or for receipt of secure containers from other apparatuses: (683.2) 

Nonnal English, incorporating the separately defined terms: computer hardware 
or programming that sends Secure Containers to other apparatuses (e.g., other 
computers) or acquires Secure Containers fit>m other apparatuses. 

-This phrase has been -designated by Microsoft for interpretation under § 1 12(6). 
InterTrust objects to such designation. Without waiver of such objection, as is 
required by the Local Rules, InterTrust hereby identifies structures corresponding 
to this term: 

Structures corresponding to this element include Processor(s) 4126 and/or 
software running on Processors 4126 (including Protected Processing 
Environment 650) and Communications Device 666. 
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Including or addressing . . . orgianization information . . . desired organization . . . 

8 II and metadata information at least in part specifying at least one step required or desired in 
creation of said first secure container (861.58) 



861.58 

Creating a first secure container (861.58) 

This term is contained in the po'eainble of the claim and should not be defined, 
other than as requiring the individual claim elements. 

I Without waiving its position that no separate definition is required, if required to 
propose such a definition, InterTrust proposes the following: 

Normal English, incorporating the separately defined tenns: Creating a Secure 
Container. 
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This is not a claim term, but is instead a series of Segments. Interpretation of this 
phrase is therefore impossible, since the phrase does not appear in the claim. 

At least in part determine specific information required to be included in said first 
I secure container contents (861.58) ' 

Nonnal English, incorporating the separately defined tenns: at least partially 
Identify Specific information that must be included in the first Secure Ctmtainer: 

Rule designed to control at least one aspect of access to or use of at least a portion of 
I said first secure container contents (861 .58) 

Normal English, incorporating the sq)arately defined terms: a Rule that Governs 
at least some of the contents of the Secure Container. 

900.155 

First host processing environmeDt comprisiBg (900.155) 

A Host Processing Environment including (but not limited to), the listed elements 

Said mass storage storing tamper resistant software (900.155) 

Nonnal English, incorporating the separately defined terms: a mass storage 

device (e.g., a hard drive) that stores the Tamper Resistant Software. 



Designed to be loaded into said main memory and executed by said central 
processing unit (900.155) 

Normal English, incorporating the separately defined temi: software designed to 
■be loaded into the Memory of a computer and executed by the computer's 
processor. 

Said tamper resistant software comprising: one or more storage locations storing 
said information (900. 155) 

Uns is not a claim tenn, but is instead two sentence fragments. Interpretation of 
this phrase is therefore impossible, since the phrase does not appear in the claim. 

20 



INTERTRUST'S PATENT LCXTAL RULE 4-2 PRELIMINARY CLAIM CONSTRUCTIONS AND 

IDENTIFICATION OF EVIDENCE 
CASE NO. C 01-1640 SBA (MEJ), CONSOLDDATED WITH C 02-0647 SBA 



1 

2 
3 

■ 4 
5 
6 
7 
8 
9 

10 

11 

12 

13 

14 

15 



16 

17 

18 

19 

20 

21 

22 

23 

24 

25 

26 

27 

28 



303750.01 



Derives informatioii from one or more aspects of said host processine environment 
(900.155) 

Normal English, incorporating the sq)arately defined terms: Derives (including 
creates) Infomaation based on at least one Aspect of the previously referred to 
Host Processing Environmrat. See Specific Information for the definition of 
Infonnation. 

One or more storage locations storing said information (900.155) 

Normal English, incorporating the separately defined terms: Infonnation relating 
to one or more Aspects of the Host Processing Envirpmnent.is stored in one or 
more locations. See Specificlnfonnation for the definition of Information. 

Information previously stored in said one or more storage locationji (900.155) 

See Infonnation Previously Stored Tlie definitions arc tbe ssine. 

Generates an indication-based t)n the result of said comparison (900.1 s!S) 

Normal English: a particular indication is created (e,g., a flag is set or a value is 
returned) if the comparison has one result, but not if the comparison has a 
different result. 

Programming which takes one or more actions based on the state of said indication 
(900.155) 

Nonnal English: software that takes an action if the indication has one state, but 
does not take that action if the indication does not have that state 

At least temporarily halting further processing (900.155) 

Nonnal English, incorporating the separately defined tenns: Halting Processing, 

^ the Halt being t^porary^r permanent. See Securely Processing for the 

definitibn WPnicess^^ 

912.8 

Identifying at least one aspect of an execution space (912.8) 

Normal EngUsh, incorporating the separately defined terras: Identifying an 
-Aspect (€.gr^eeuritytev€l>of-an Execution Space 

Required for use and/or execution of the load module (912.8) 

Nonnal English, incorporating the separately defined terms: the Identified Aspect | 
-is needed in order for the Load Module to execute or otherwise be used. 

Said execution space identifier provides tbe capability for distinguishing between 
execution spaces providing a higher level of security and execution spaces providing a 
lower level of security (912.8) 

Nonnal English, incorporating the separately defined terms: the Execution Space 
Identifier makes it possible to distinguish higher Security Level Execution Spaces 
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from lower Security level Execution Spaces. 

Cfaeckii^g said record for validity prior to performiDg said executing step (912.8) 

Noimal English, incorporating the separately defined terms: determining whether 
the Record has Validity, the determination occurring before the execution step. 

1912.35 

Received in a secure container (912.35) 

Normal English, incorporating the separately defimed tenns: the Record is 
Contained in a Secure Contains: when acquired. 
Said component assembly allowing access to or use of specified information; (912.35) I 

Normal English, incorporating the separately defined terms: the Component 
Assembly ^lows Access to Specified Information. 

Said first component assembly specified by said first record (912.35) 

This term is a label referring back to the first component assembly identified 
earlier in the claim. It has no other meaning. ' 

891.1 

Resource processed in a secure operating environment at a first appliance (891.1) 

This term is contained in the preamble of the claim and should not be defined, 
other than as requiring the individual claim elements. 

Without waiving its position that no separate definition is required, if required to 
propose such a definition, InterTrust proposes the following: 

Normal English, incorporating the separately defined terms: a Resource 
Processed in a Secm-e Operating Environment, the Secure Operating Environment 
being present at an appliance (e.g., a computer). 

Securely receiving a first entity's control at said first appliance (891 .1) 

Normal English, incorporating the separately defined terms: an Entity's Control 
is Securely Received at the first appliance. 

This phrase has been designated by Microsoft for interpretation under § 1 12(6). 
InterTrust objects to such designation. Without waiver of such objection, as is 
required by the Local Rules, InterTrust hereby identifies acts correspondmg to 

this term: 

Claim elements specifying the act of receiving a file, or the act of estabhshing 
commtmications, map onto a large number of structures and acts disclosed in the 
specification, many of which constitute alternate embodiments. These include 
-======^-— T^btaining^a^^^ satellite 

transmissions, phj^ical exchange of media, netwoHc transmissions, etc. 

Claim elements specifying the act of "secxu-ely receiving" map onto embodiments 
of "receiving" (see above) in which the received element (e.g., a control) is 
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received in a manner providing security. The specification describes a number of 
security-related mechanisms for use in communications, including encryption, 
authentication and tamper-resistance. Such mechanisms constitute alternate 
embodiments. 

Securely receiving a second entity's control at said first appliance (891 .1) 

See S«;urely receiving a first entity's control at said first appliance. The 
. defimtions are the same, except that the second entity and ttie first entity are 

different. 

Securely processing a data item at said first appliance, using at least one resource 

Normal English, incorporating the separately defined terms: a Resource is used 
in Securely Processing a Data Item, the processing occurring at the first appliance. 



Securely applying, at said first appliance through use of said at least one resource 
said first entity's control and said second entity's control ta govern ose of said data item 

(891.1) 
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Normal Engh'sh, incorporating the separately defined terms: the first Entity's 
Control and the second Entity's Control are Securely Applied to* Govern Use of 
the Data Item, the act of Securely Applying involving use of the Resource. 

IL Designation of Evidence under 4^2(b). 

InterTrust hereby designates the following evidence under Patent Local Rule 4-2 (b), 
without admission that this constitutes "extrinsic evidence" as defined by the Federal Circuit or 
other relevarit legal authority. 

Testimony: Dr. Michael Reiter will testify as to the understanding of the claim terms by 
someone of ordinary skill in the art. 

1 . Personal Computer Dictionary (1995) ISBN 0-8921 8-223-7 

Access 
Copy 
Record 

2. Computer Professional-s^Dictionary,-Allen-Wyatt-(€)sbome McGraw-Hill, 1990). ISBNO- 
07-881705-6 

Access 
Data Item 

Secure database - - * - - ■ - 

3. Microsoft C omputer Dictionary, Third Edition (1997) ISBN 1-57231-743-4. 



Addressing 
Copy 
Database" 
Data Item 
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Environment 
Executable File 

Load moilule 
Memory 
Processing 
Secure container 

-.1 • . 

1 4. The American Heritage Dictionary, 3d ed. (Houghton MiflQin,.1992) ISBN 0-395-44895-6 

Passim 

i 

1 5. U.S. Patent No. 5,634,019, Col 7:42-44. 
Secure container 

1 6. Webster's New World Dictionary of Computer Tmns, 6th Edition (1997) ISBN O-r-02. 
1861890-4 

Access 
Copy 

Enviroranent 

Operating environment • 
Secure 

7. U.S. Patent No. 5,991,399. 
Tamper resistant software 

8. "A Tentative Approach to Constructing Tamper-Resistant Software" by Masahiro 
MAMBO.VTakanori MU RAYAMAT, Fiji OKAMOTO, School of Information Science, 
Japan Advanced Institute of Science and TechnologyJ-l Asahidai Tatsunokuchi Nomi, 
Ishikawa/ 923-121 1 Japan, published in English 1998. 

Tamper 

Tamper resistant software 



Dated: December 3^ 2002 



KEKER & VAN NEST, LLP 




L. JAY KUC 
Attorneys for Plaintiff and Counter 
Defendant 

INTERTRUST TECHNOLOGIES 
CORPORATION 
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age of eighteen years and not a party to the within action. My business address is Keker & Van 
Nest, LLP, 710 Sansome Street, San Francisco, Cahfomia 941 1 1. 

On December 20, 2002, 1 served the following document(s): 

INTERTRUST'S PATENT LOCAL RULE 4-2 PRELIMINARY CLAIM 
CONSTRUCTIONS AND IDENTIFICATION OF EVIDENCE 

0 by PDF TRANSMISSION AND UNITED STATES MAIL, by transimttbig via PDF on this date. A trae | 
and coirect copy of same was placed in a sealed eirvelope addressed as shown below. I am readdy familiar 
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According to that practice, items are deposited with the United States Postal Service at San Francisco, 
California on that same day with postage thereon iiilly prepaid. I am aware that, on motion of the party 
served, service is presumed invalid if the postal cancellation date or the postage meter date is nx>re than one I 
day after the date of deposit for mailing stated in this affidavit 



Eric L Wesenberg, Esq. 
Maik R. Weinstein, Esq. 
Orrick Herrington & Sutcliife 
1000 Marsh Road 
MenloPark,CA 94025 
Telephone: 650/614-7400 
Facsimile: 650/614-7401 



John D. Vandenberg, Esq.. 
James E, Geringer, Esq. 
Kristin L. Cleveland, Esq. 
Klarquist Sparianan Campbell, et al. 
One World Trade Center, Suite 1600 
121 S.W. Sahnon Street 
Portland OR 97204 
Telephone: 503/226-7391 
Facsimile: 503/228-9446 



declare under penalty of perjury under the laws of the State of California that the above is true 
and correct. 



Executed on December 20, 2002, at S^Francisco, Caliform 



303876.01 




PROOF OF SERVICE 
CASE NO. COl-1640 SBA (MEJ) CONSOLIDATED WITH C 02-0647 SBA 
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